kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
gitlab-org--gitlab-foss/app/controllers/admin
History
Douwe Maan 4d64a32c88 Merge branch 'feature/ldap-sync-edgecases' into 'master' 
LDAP Sync blocked user edgecases

Allow GitLab admins to block otherwise valid GitLab LDAP users
(https://gitlab.com/gitlab-org/gitlab-ce/issues/3462)

Based on the discussion on the original issue, we are going to differentiate "normal" block operations to the ldap automatic ones in order to make some decisions when its one or the other.

Expected behavior:

- [x] "ldap_blocked" users respond to both `blocked?` and `ldap_blocked?`
- [x] "ldap_blocked" users can't be unblocked by the Admin UI
- [x] "ldap_blocked" users can't be unblocked by the API
- [x] Block operations that are originated from LDAP synchronization will flag user as "ldap_blocked"
- [x] Only "ldap_blocked" users will be automatically unblocked by LDAP synchronization
- [x] When LDAP identity is removed, we should convert `ldap_blocked` into `blocked`
 
Mockup for the Admin UI with both "ldap_blocked" and normal "blocked" users:
![image](/uploads/4f56fc17b73cb2c9e2a154a22e7ad291/image.png)

There will be another MR for the EE version.

See merge request !2242
2016-01-14 11:00:08 +00:00
..
abuse_reports_controller.rb Block the reported user before destroying the record 2016-01-12 20:59:55 -05:00
application_controller.rb refactor login as to be impersonation with better login/logout 2015-10-29 11:00:17 +01:00
application_settings_controller.rb Make the metrics sampler interval configurable 2016-01-13 12:29:48 +01:00
applications_controller.rb Small improvements to CI 2015-01-17 16:17:34 -08:00
background_jobs_controller.rb Use Gitlab.config instead of Settings everywhere 2014-10-15 23:01:31 +02:00
broadcast_messages_controller.rb Broadcast Messages can now be edited 2016-01-13 11:42:15 -05:00
builds_controller.rb Show 'All' tab by default in the builds page 2016-01-04 10:21:10 -02:00
dashboard_controller.rb Explicitly define ordering in models using default_scope 2015-02-05 14:20:55 -08:00
deploy_keys_controller.rb Remove show actions from Admin and Project DeployKeys 2015-06-03 18:03:04 -04:00
groups_controller.rb Wrap group removal into service 2015-06-03 14:07:20 +02:00
hooks_controller.rb Redirect to a default path if HTTP_REFERER is not set 2015-10-20 07:45:48 -07:00
identities_controller.rb Code style fixes and some code simplified 2016-01-08 16:26:04 -02:00
impersonation_controller.rb Be more explicit with the impersonate return URL 2015-12-02 13:21:07 -05:00
keys_controller.rb Fixed the Rails/ActionFilter cop 2015-04-20 15:39:37 +02:00
labels_controller.rb added spinach for glabal labels 2015-09-03 19:02:14 +03:00
logs_controller.rb Added the correct hierarchy of controllers for the administrative part 2013-01-24 22:31:24 +02:00
projects_controller.rb Allow listing of archived projects 2015-08-19 13:46:59 +02:00
runner_projects_controller.rb Remove ci_ prefix from all ci related things 2015-12-11 18:02:09 +01:00
runners_controller.rb Migrate CI::Project to Project 2015-12-11 18:02:09 +01:00
services_controller.rb Improve invalidation of stored service password if the endpoint URL is changed 2015-10-15 12:07:59 +02:00
users_controller.rb Prevent ldap_blocked users from being unblocked by the Admin UI 2016-01-08 16:26:04 -02:00